Search the FAQ Archives

3 - A - B - C - D - E - F - G - H - I - J - K - L - M
N - O - P - Q - R - S - T - U - V - W - X - Y - Z
faqs.org - Internet FAQ Archives

Kerberos FAQ, v2.0 (last modified 8/18/2000)
Section - 5.2. What is GSSAPI?

( Single Page )
[ Usenet FAQs | Web FAQs | Documents | RFC Index | Sex offenders ]


Top Document: Kerberos FAQ, v2.0 (last modified 8/18/2000)
Previous Document: 5.1. How do I start programming with Kerberos?
Next Document: 5.3. What is SASL?
See reader questions & answers on this topic! - Help others by sharing your knowledge
GSSAPI is an acronym; it stands for Generic Security Services Application
Programming Interface.

The GSSAPI is a generic API for doing client-server authentication. The
motivation behind it is that every security system has it's own API, and the
effort involved with adding different security systems to applications is
extremely difficult with the variance between security APIs. However, with a
common API, application vendors could write to the generic API and it could
work with any number of security systems.

How does this relate to Kerberos? Included with most major Kerberos 5
distributions is a GSSAPI implementation. Thus, if a particular application
or protocol says that it supports the GSSAPI, then that means that it
supports Kerberos, by virtue of Kerberos including a GSSAPI implementation.

The relevant standards for GSSAPI include:

   * RFC 2743 - Generic Security Services Application Program Interface
     Version 2, Update 1.
     <http://www.ietf.org/rfc/rfc2743.txt>

   * RFC 1509 - Generic Security Service API: C-bindings
     <http://www.ietf.org/rfc/rfc1509.txt>

   * RFC 1964 - The Kerberos Version 5 GSS-API Mechanism
     <http://www.ietf.org/rfc/rfc1964.txt>

In terms of programming guides, the only one available that I know about is
the one from Sun Microsystems. It seems fairly complete and is a excellent
starting point:

   * <http://docs.sun.com:80/ab2/coll.610.1/GSSAPIPG/>

User Contributions:

Comment about this article, ask questions, or add new information about this topic:

CAPTCHA




Top Document: Kerberos FAQ, v2.0 (last modified 8/18/2000)
Previous Document: 5.1. How do I start programming with Kerberos?
Next Document: 5.3. What is SASL?

Single Page

[ Usenet FAQs | Web FAQs | Documents | RFC Index ]

Send corrections/additions to the FAQ Maintainer:
Ken Hornstein <kenh@cmf.nrl.navy.mil>





Last Update March 27 2014 @ 02:11 PM